[bitcoin-dev] New BIP: Dealing with OP_IF and OP_NOTIF malleability in P2WSH
Peter Todd
pete at petertodd.org
Tue Aug 16 19:43:32 UTC 2016
On Tue, Aug 16, 2016 at 07:37:19PM +0000, Luke Dashjr via bitcoin-dev wrote:
> On Tuesday, August 16, 2016 5:53:08 PM Johnson Lau via bitcoin-dev wrote:
> > A new BIP is prepared to deal with OP_IF and OP_NOTIF malleability in
> > P2WSH:
> > https://github.com/jl2012/bips/blob/minimalif/bip-minimalif.mediawiki
> > https://github.com/bitcoin/bitcoin/pull/8526
>
> I am not sure this makes sense. SegWit transactions are already non-malleable
> due to skipping the witness data in calculating the transaction id. What is
> the benefit to this?
SegWit txids aren't malleable, but segwit transactions as a whole still are.
For instance, I could mess with a segwit transaction by replacing part of the
witness that is used as an argument to an OP_IF with a much larger push,
potentially making the transaction larger, thus making it not get mined due to
the higher fee. There are also potential legal issues if someone replaces a
push with data where posession in your jurisdiction is illegal.
Having said that, a better approach may be a separate CHECKBOOLVERIFY opcode
that fails unless the top item on the stack is a minimally encoded true or
false value, to allow script writers to opt into this behavior; it's not always
ideal.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160816/98322ba5/attachment.sig>
More information about the bitcoin-dev
mailing list